HN Morning Brief

Security checks across malware telemetry and agentic risk

Overview

This skill coherently fetches and summarizes Hacker News stories, with expected network use and memory-based personalization disclosed in the instructions.

Install this if you are comfortable with it running a small bundled Python script, fetching Hacker News RSS data, opening article URLs you ask about, and using saved interests to personalize ranking. No destructive behavior, credential use, hidden persistence, or unrelated data access was evident.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3 (Medium)

Category: MCP Least Privilege
Confidence: 93%
Finding:
The skill instructs the agent to execute a Python script that fetches Hacker News stories and later to read arbitrary article URLs, which are network-capable behaviors, but no corresponding permission is declared. This creates a trust and sandboxing gap: operators and policy systems cannot accurately assess or constrain outbound network access, and the later 'dive deeper' flow may cause requests to untrusted third-party URLs from HN content.

VirusTotal

64/64 vendors flagged this skill as clean.
